Merge pull request 'ch4: heiko writes "zooming in" (and edits everything from 4.2 forward)' (#47) from ch4 into draft

Reviewed-on: https://codeberg.org/openpgp/notes/pulls/47

book/source/05-private.md

@@ -12,6 +12,16 @@
 https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-transferable-secret-keys
 
 
+(encrypted_secrets)=
+## Password protecting secret key material
+
+```{admonition} TODO
+:class: warning
+
+S2K, symmetric encryption
+```
+
+
 ## Private key operations
 
 The core of private key operations doesn't require access to the whole certificate. A private key subsystem only needs to handle the cryptographic key material.

book/source/18-glossary.md

@@ -9,6 +9,9 @@ Authentication
 Certification
     "Third party Signature" on a certificate, making a statement about that certificate, or an identity in the certificate
 
+CA
+    [Certificate authority](https://en.wikipedia.org/wiki/Certificate_authority) or certification authority. An entity that handles digital certificates, especially by signing or issuing them.
+
 Delegation
     See {term}`Trust signature`